+----------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | June 5th, 2009 Volume 10, Number 23 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, advisories were released for apr-util, cups, libapache-mod-jk, drupral, cyrus, mingw, pidgin, ocsinventory, maniadrive, php, ntp, opensc, freetype, acpid, freetype, libmodplug, gaim, rpmdrake, eggdrop, sudo, wireshark, and apache. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, Ubuntu, and Pardus. --- >> Linux+DVD Magazine << In each issue you can find information concerning the best use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments. Catch up with what professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software are doing! http://www.linuxsecurity.com/ads/adclick.php?bannerid=26 --- Review: Googling Security: How Much Does Google Know About You -------------------------------------------------------------- If I ask "How much do you know about Google?" You may not take even a second to respond. But if I may ask "How much does Google know about you"? You may instantly reply "Wait... what!? Do they!?" The book "Googling Security: How Much Does Google Know About You" by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business and what you can do to protect yourself. http://www.linuxsecurity.com/content/view/145939 --- A Secure Nagios Server ---------------------- Nagios is a monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process however to make it a secure setup it takes some work. This article will not show you how to install Nagios since there are tons of them out there but it will show you in detail ways to improve your Nagios security. http://www.linuxsecurity.com/content/view/144088 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.22 Now Available! (Dec 9) ------------------------------------------------------ Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668 ------------------------------------------------------------------------ * Debian: New apr-util packages fix several vulnerabilities (Jun 4) ----------------------------------------------------------------- http://www.linuxsecurity.com/content/view/149033 * Debian: New cups/cupsys packages fix denial of service (Jun 2) -------------------------------------------------------------- http://www.linuxsecurity.com/content/view/149018 * Debian: New libapache-mod-jk packages fix information (Jun 2) ------------------------------------------------------------- http://www.linuxsecurity.com/content/view/149017 * Debian: New Linux 2.6.26 packages fix several vulnerabilities (Jun 2) --------------------------------------------------------------------- http://www.linuxsecurity.com/content/view/149006 * Debian: New drupal6 packages fix insufficient input sanitising (Jun 1) ---------------------------------------------------------------------- http://www.linuxsecurity.com/content/view/149003 * Debian: New cyrus-sasl2/cyrus-sasl2-heimdal packages fix arbitrary code execution (Jun 1) ----------------------------------------------------------------------------------------- http://www.linuxsecurity.com/content/view/149002 ------------------------------------------------------------------------ * Fedora 10 Update: mingw32-opensc-0.11.8-1.fc10 (Jun 2) ------------------------------------------------------ CVE-2009-1603 A minor update fixing security problem within pkcs11-tool command. http://www.opensc-project.org/pipermail/opensc- announce/2009-May/000025.html http://www.linuxsecurity.com/content/view/149013 * Fedora 11 Update: mingw32-opensc-0.11.8-1.fc11 (Jun 2) ------------------------------------------------------ CVE-2009-1603 A minor update fixing security problem within pkcs11-tool command. http://www.opensc-project.org/pipermail/opensc- announce/2009-May/000025.html OpenSC is a package for for accessing smart card devices. Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO 7816-4 compatible smart card. Encryption and decryption using private keys on the smart card is possible with PKCS #15 compatible cards, such as the FINEID (Finnish Electronic IDentity) card. Swedish Posten eID cards have also been confirmed to work. This is the MinGW cross-compiled Windows library. http://www.linuxsecurity.com/content/view/149014 * Fedora 10 Update: pidgin-2.5.6-1.fc10 (Jun 2) --------------------------------------------- This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ http://www.linuxsecurity.com/content/view/149012 * Fedora 10 Update: ocsinventory-1.02.1-1.fc10 (Jun 2) ---------------------------------------------------- 2 Security fixes - CVE-2009-1769 OCS Inventory NG: Authentication result varies for existent and non-existent users - SQL injection and Unauthenticated Arbitrary File Read Some Other minor bug fixes http://www.ocsinventory-ng. org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01 returnid=64 http://www.linuxsecurity.com/content/view/149011 * Fedora 11 Update: ocsinventory-1.02.1-1.fc11 (Jun 2) ---------------------------------------------------- 2 Security fixes - CVE-2009-1769 OCS Inventory NG: Authentication result varies for existent and non-existent users - SQL injection and Unauthenticated Arbitrary File Read Some Other minor bug fixes http://www.ocsinventory-ng. org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01 returnid=64 http://www.linuxsecurity.com/content/view/149010 * Fedora 9 Update: ocsinventory-1.02.1-1.fc9 (Jun 2) -------------------------------------------------- 2 Security fixes - CVE-2009-1769 OCS Inventory NG: Authentication result varies for existent and non-existent users - SQL injection and Unauthenticated Arbitrary File Read Some Other minor bug fixes http://www.ocsinventory-ng. org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01 returnid=64 http://www.linuxsecurity.com/content/view/149008 * Fedora 11 Update: pidgin-2.5.6-1.fc11 (Jun 2) --------------------------------------------- This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ http://www.linuxsecurity.com/content/view/149009 * Fedora 9 Update: pidgin-2.5.6-1.fc9 (Jun 2) ------------------------------------------- This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ http://www.linuxsecurity.com/content/view/149007 * Fedora 9 Update: maniadrive-1.2-13.fc9 (May 29) ----------------------------------------------- Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-5557) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the "background color" argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had "display_errors" enabled, a remote attacker able to set a specially-crafted cookie on a victim's system could possibly inject arbitrary HTML into an error message generated by PHP. (CVE-2008-5814) A flaw was found in the handling of the "mbstring.func_overload" configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754) A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially-crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script. (CVE-2009-1271) A flaw was found in the use of the uw-imap library by the PHP "imap" extension. This could cause the PHP interpreter to crash if the "imap" extension was used to read specially-crafted mail messages with long headers. (CVE-2008-2829) http://www.php.net/releases/5_2_7.php http://www.php.net/releases/5_2_8.php http://www.php.net/releases/5_2_9.php http://www.php.net/ChangeLog-5.php#5.2.9 http://www.linuxsecurity.com/content/view/148993 * Fedora 9 Update: php-5.2.9-2.fc9 (May 29) ----------------------------------------- Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-5557) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the "background color" argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had "display_errors" enabled, a remote attacker able to set a specially-crafted cookie on a victim's system could possibly inject arbitrary HTML into an error message generated by PHP. (CVE-2008-5814) A flaw was found in the handling of the "mbstring.func_overload" configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754) A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially-crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script. (CVE-2009-1271) A flaw was found in the use of the uw-imap library by the PHP "imap" extension. This could cause the PHP interpreter to crash if the "imap" extension was used to read specially-crafted mail messages with long headers. (CVE-2008-2829) http://www.php.net/releases/5_2_7.php http://www.php.net/releases/5_2_8.php http://www.php.net/releases/5_2_9.php http://www.php.net/ChangeLog-5.php#5.2.9 http://www.linuxsecurity.com/content/view/148994 * Fedora 10 Update: maniadrive-1.2-13.fc10 (May 29) ------------------------------------------------- Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-5557) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the "background color" argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had "display_errors" enabled, a remote attacker able to set a specially-crafted cookie on a victim's system could possibly inject arbitrary HTML into an error message generated by PHP. (CVE-2008-5814) A flaw was found in the handling of the "mbstring.func_overload" configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754) A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially-crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script. (CVE-2009-1271) A flaw was found in the use of the uw-imap library by the PHP "imap" extension. This could cause the PHP interpreter to crash if the "imap" extension was used to read specially-crafted mail messages with long headers. (CVE-2008-2829) http://www.php.net/releases/5_2_7.php http://www.php.net/releases/5_2_8.php http://www.php.net/releases/5_2_9.php http://www.php.net/ChangeLog-5.php#5.2.9 http://www.linuxsecurity.com/content/view/148991 * Fedora 10 Update: php-5.2.9-2.fc10 (May 29) ------------------------------------------- Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-5557) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the "background color" argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498) A cross-site scripting flaw was found in a way PHP reported errors for invalid cookies. If the PHP interpreter had "display_errors" enabled, a remote attacker able to set a specially-crafted cookie on a victim's system could possibly inject arbitrary HTML into an error message generated by PHP. (CVE-2008-5814) A flaw was found in the handling of the "mbstring.func_overload" configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754) A flaw was found in PHP's json_decode function. A remote attacker could use this flaw to create a specially-crafted string which could cause the PHP interpreter to crash while being decoded in a PHP script. (CVE-2009-1271) A flaw was found in the use of the uw-imap library by the PHP "imap" extension. This could cause the PHP interpreter to crash if the "imap" extension was used to read specially-crafted mail messages with long headers. (CVE-2008-2829) http://www.php.net/releases/5_2_7.php http://www.php.net/releases/5_2_8.php http://www.php.net/releases/5_2_9.php http://www.php.net/ChangeLog-5.php#5.2.9 http://www.linuxsecurity.com/content/view/148992 * Fedora 9 Update: ntp-4.2.4p7-1.fc9 (May 29) ------------------------------------------- This update fixes a denial of service issue if autokey is enabled (default is disabled) and a crash in ntpq. http://www.linuxsecurity.com/content/view/148990 * Fedora 9 Update: opensc-0.11.8-1.fc9 (May 29) --------------------------------------------- A minor update fixing security problem within pkcs11-tool command. http://www .opensc-project.org/pipermail/opensc-announce/2009-May/000025.html http://www.linuxsecurity.com/content/view/148989 * Fedora 10 Update: opensc-0.11.8-1.fc10 (May 29) ----------------------------------------------- A minor update fixing security problem within pkcs11-tool command. http://www .opensc-project.org/pipermail/opensc-announce/2009-May/000025.html http://www.linuxsecurity.com/content/view/148988 * Fedora 10 Update: ntp-4.2.4p7-1.fc10 (May 29) --------------------------------------------- This update fixes a denial of service issue if autokey is enabled (default is disabled) and a crash in ntpq. http://www.linuxsecurity.com/content/view/148987 * Fedora 11 Update: opensc-0.11.8-1.fc11 (May 29) ----------------------------------------------- A minor update fixing security problem within pkcs11-tool command. http://www .opensc-project.org/pipermail/opensc-announce/2009-May/000025.html http://www.linuxsecurity.com/content/view/148986 * Fedora 11 Update: freetype1-1.4-0.8.pre.fc11 (May 28) ----------------------------------------------------- Port of freetype2 security fixes http://www.linuxsecurity.com/content/view/148978 * Fedora 9 Update: acpid-1.0.6-8.fc9 (May 28) ------------------------------------------- Fixed CVE-2009-0798 (too many open files DoS) http://www.linuxsecurity.com/content/view/148977 * Fedora 10 Update: acpid-1.0.6-11.fc10 (May 28) ---------------------------------------------- Fixed CVE-2009-0798 (too many open files DoS) http://www.linuxsecurity.com/content/view/148976 * Fedora 9 Update: eggdrop-1.6.19-4.fc9 (May 28) ---------------------------------------------- mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807. The current remote denial of service is tracked as CVE-2009-1789. http://www.linuxsecurity.com/content/view/148974 * Fedora 10 Update: eggdrop-1.6.19-4.fc10 (May 28) ------------------------------------------------ mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807. The current remote denial of service is tracked as CVE-2009-1789. http://www.linuxsecurity.com/content/view/148975 * Fedora 10 Update: freetype1-1.4-0.8.pre.fc10 (May 28) ----------------------------------------------------- Port of freetype2 security fixes http://www.linuxsecurity.com/content/view/148973 ------------------------------------------------------------------------ * Gentoo: Asterisk Multiple (May 30) ---------------------------------- Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. http://www.linuxsecurity.com/content/view/148996 ------------------------------------------------------------------------ * Mandriva: Subject: [Security Announce] [ MDVSA-2009:128 ] libmodplug (Jun 4) ---------------------------------------------------------------------------- Multiple security vulnerabilities has been identified and fixed in libmodplug: Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow (CVE-2009-1438). Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name (CVE-2009-1513). The updated packages have been patched to prevent this. http://www.linuxsecurity.com/content/view/149032 * Mandriva: Subject: [Security Announce] [ MDVA-2009:089 ] openssl (Jun 4) ------------------------------------------------------------------------ This update fixes a build problem with openssl-0.9.7g-2.8.20060mlcs4 on Corporate Server 4. http://www.linuxsecurity.com/content/view/149031 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:127 ] gaim (Jun 3) ---------------------------------------------------------------------- It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2008-2927) http://www.linuxsecurity.com/content/view/149026 * Mandriva: Subject: [Security Announce] [ MDVA-2009:088 ] rpmdrake (Jun 3) ------------------------------------------------------------------------- This update fixes one issues with MandrivaUpdate: in previous update, a fix wrongly break the displaying of update descriptions & reasons. http://www.linuxsecurity.com/content/view/149021 * Mandriva: Subject: [Security Announce] [ MDVA-2009:087 ] mandriva-kde4-config (Jun 3) ------------------------------------------------------------------------------------- This update introduces the kde4 artwork for the upcoming Mandriva 2009 Spring Flash version. http://www.linuxsecurity.com/content/view/149020 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:126 ] eggdrop (Jun 1) ------------------------------------------------------------------------- mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807 (CVE-2009-1789). http://www.linuxsecurity.com/content/view/149005 * Mandriva: Subject: [Security Announce] [ MDVA-2009:086 ] sudo (May 31) ---------------------------------------------------------------------- The version of sudo shipped with 2009.1 has an incorrect path to /etc/ldap.conf compiled in. This means that users who have their sudo config supplied by their ldap server will find their rules no longer apply. This updated package uses the correct /etc/ldap.conf file. See http://www.sudo.ws/sudo/readme_ldap.html for more information on configuring sudo with ldap. http://www.linuxsecurity.com/content/view/148999 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:125 ] wireshark (May 31) ---------------------------------------------------------------------------- A vulnerability has been identified and corrected in wireshark: o Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets (CVE-2009-1829). This update provides Wireshark 1.0.8, which is not vulnerable to this issue. http://www.linuxsecurity.com/content/view/148998 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:124 ] apache (May 31) ------------------------------------------------------------------------- Multiple vulnerabilities has been found and corrected in apache: Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm (CVE-2008-1678). Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only). Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0. The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195). This update provides fixes for these vulnerabilities. http://www.linuxsecurity.com/content/view/148997 * Mandriva: Subject: [Security Announce] [ MDVA-2009:076-1 ] kdelibs (May 29) --------------------------------------------------------------------------- On Mandriva Linux 2009.0, installing a KDE3 package wouldn't automatically install the locales package for the system's language. This update fixes the issue. Update: On the previous kdelibs update we added a require on kde-i18n. After some discussion it appears that adding a suggests is a better choice. This also fixes the update, which would not work via MandrivaUpdate. http://www.linuxsecurity.com/content/view/148985 * Mandriva: Subject: [Security Announce] [ MDVA-2009:085 ] mesa (May 28) ---------------------------------------------------------------------- A bug in mesa would cause hardware accelerated yuv conversion to fail, resulting in videos being displayed with wrong colors while using a gl video output driver. This update fixes this issue. http://www.linuxsecurity.com/content/view/148979 ------------------------------------------------------------------------ * RedHat: Important: cups security update (Jun 3) ----------------------------------------------- Updated cups packages that fix one security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/149027 * RedHat: Important: kernel-rt security and bug fix update (Jun 3) ---------------------------------------------------------------- Updated kernel-rt packages that fix several security issues and various bugs are now available for Red Hat Enterprise MRG 1.1.3. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/149028 * RedHat: Important: cups security update (Jun 3) ----------------------------------------------- Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/149029 * RedHat: Important: kernel security and bug fix update (Jun 2) ------------------------------------------------------------- Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/149015 * RedHat: Low: Red Hat Enterprise Linux 2.1 - End Of Life (Jun 1) --------------------------------------------------------------- This is the End Of Life notification for Red Hat Enterprise Linux 2.1. http://www.linuxsecurity.com/content/view/149000 ------------------------------------------------------------------------ * Slackware: ntp (Jun 4) ------------------------ New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 http://www.linuxsecurity.com/content/view/149030 ------------------------------------------------------------------------ * Ubuntu: Pidgin vulnerabilities (Jun 3) --------------------------------------- It was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code with user privileges. (CVE-2009-1373) It was discovered that Pidgin did not properly handle certain malformed messages in the QQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash. This issue only affected Ubuntu 8.10 and 9.04. (CVE-2009-1374) It was discovered that Pidgin did not properly handle certain malformed messages in the XMPP and Sametime protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash. (CVE-2009-1375) It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2009-1376) http://www.linuxsecurity.com/content/view/149023 * Ubuntu: Gaim vulnerabilities (Jun 3) ------------------------------------- It was discovered that Gaim did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Gaim to crash, or possibly execute arbitrary code with user privileges. (CVE-2009-1373) It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2009-1376) http://www.linuxsecurity.com/content/view/149024 * Ubuntu: CUPS vulnerability (Jun 3) ----------------------------------- Anibal Sacco discovered that CUPS did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service. http://www.linuxsecurity.com/content/view/149025 ------------------------------------------------------------------------ * Pardus: Libsndfile: Multiple (Jun 3) ------------------------------------ exploited by malicious people to cause a DoS (Denial of Service). http://www.linuxsecurity.com/content/view/149019 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------